Threatlist: Email Attacks Surge, Targeting Execs

Overall, the number of email fraud attacks per targeted company rose 25 percent from the previous quarter (to 35 on average) and 85 percent from the year-ago quarter.

There was a 36 percent increase in email attacks against businesses between the first and second quarters of 2018, with retail, healthcare and government experiencing the most business email compromise (BEC) attempts, according to a new report. Several trends emerged in the analysis period, including management landing more in cybercrime’s cross-hairs, and big spikes in email fraud.

Executives Over-Index in Attacks

While non-management and low-level management employees are most often targeted inside organizations, executives are over-represented when it comes to relative targeting.

Regular employees accounted for 60 percent of highly targeted malware and credential phishing attacks, according to the “Protecting People” report from Proofpoint (analyzing customer attack data gathered April through June 2018). Executives only received 23.5 percent and 5.2 percent of targeted attacks, respectively.

[Figure: Email attacks surged in some categories.]

However, this is still “a disproportionately large share of attacks” for upper management, given how few executives there are compared to the total workforce.

“With information about employees widely and freely available, they can find multiple ways inside your environment,” according to the report.

Email Fraud Spikes

Overall, the number of email fraud attacks per targeted company rose 25 percent from the previous quarter (to 35 on average) and 85 percent from the year-ago quarter. Most companies were targeted at least once.

“By its nature, email fraud targets specific companies and recipients,” the report noted. “It works by impersonating someone the recipient knows and trusts. The attacker may request a wire transfer or sensitive information. In either case, the order looks like an everyday business request.”

Some industries saw triple-digit increases from a year ago: The average number of email fraud attacks against automotive companies soared more than 400 percent. Education-related attacks jumped 250 percent.

Further, more than 65 percent of companies targeted by email fraud had the identities of more than five employees spoofed. That’s more than triple the proportion in the year-ago quarter, suggesting that fraudsters are getting more creative and finding new ways to target victims.

Other Trends

Other notable data points include the fact that ransomware rebounded during the study period, accounting for nearly 11 percent of the total malicious email volume after falling sharply in previous quarters from its top 2017 perch.

[Figure: Ransomware rebounded in the summer.]

And finally, domain fraud, where attackers use “lookalike domains” to establish trust and carry out email fraud, credential phishing, counterfeiting and more, disproportionately affects U.S. consumers, the report found. Nearly two-thirds of targeted companies saw some level of abuse of their domains, including fraudsters sending attacks that spoofed the recipient’s own employer.

Also, nearly a quarter (23 percent) of suspicious domains that imitate top U.S. brands have active MX records, meaning they can send fraudulent emails to unsuspecting customers and employees.

Without headlining your percentages and numbers all over this page like spilled white-out, maybe try a different approach. There is no flow here. Your headline "Threatlist: Email Attacks Surge, Targeting Execs" had one sentence, the rest of the email of 434 words was on email fraud attacks in general. No examples of Execs being targeted within a company.
